<?php
	session_start();
	require('include/config.php');
	$db=mysql_connect($dbhost,$dbuser,$dbpassword);
	mysql_select_db($dbbase,$db);
	
	if(isset($_GET['submit'])){
		$sql="SELECT * FROM logins WHERE username = '".$_GET['username']."' AND password = '".
		$_GET['password']."';";
		
		$result=mysql_query($sql);
		echo $result;
		$numrows=mysql_num_rows($result);
		if($numrows == 1){
			$row = mysql_fetch_assoc($result);
			session_register('USERNAME');
			session_register('USERID');
			
			$_SESSION['USERNAME']=$row['username'];
			$_SESSION['USERID']=$row['id'];
			header("Location: http://".$_SERVER['HTTP_HOST']);
		}else{
			header("Location: http://".$_SERVER['HTTP_HOST']."/login.php?error=1");
		}
	}else{
		require('include/header.php');
		if(isset($_GET['error'])){
			echo "Incorrect login, please try again.";
		}
?>
<form action="login.php" method="get">
	<table>
		<tr>
			<td>Username</td>
			<td><input type="text" name="username" /></td>
		</tr>
		<tr>
			<td>Password</td>
			<td><input type="password" name="password" /></td>
		</tr>
		<tr>
			<td></td>
			<td><input type="submit" name="submit" value="Login!" /></td>
		</tr>
	</table>
</form>

<?php
	}
	require('include/footer.php');
?>